

CLAIMS 



What is claimed is: 




. A versatile customizable combination system for providing filtering of outbound 



requests for access to web sites on the Internet and for controlling inbound requests from the 
Internet for access to a web site of the system, comprising: 

a plurality of computer users each having a dynamically allocated Internet protocol 
address or a static Internet Protocol address, 

one or a plurality of user computers, 

an administrative module/interface that includes configuration settings for inbound 
communications and for outbound communications, has list maintenance functions including list 
editing, list deleting, searching of lists, saving of lists, proxy chaining routing, adding and deleting 
users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of access 
levels and being capable of creating three types of user accounts that have unique user names and 
passwords for each user account including an administrator account that is self-configuring, 
regular accounts with administrative privileges other than the privilege to create additional 
accounts or view information on any other accounts and regular accounts without administrative 
privileges and in addition a fourth type of user account namely one anonymous guest user account 
to be used by general users who have no system-based user name or password, 

a first proxy server in each user computer of a local area network with access to the world 
wide web, each of said first proxy server having a friendly outbound list and an unfriendly 
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outbound list only one of which is active at any given time, and having a friendly inbound list and 
an unfriendly inbound list only one of which is active at any given time, the friendly outbound list, 
the unfriendly outbound list, the friendly inbound list and the unfriendly inbound lists being 
uniquely configurable by each user, 

said first proxy server programmed to receive a request from an HTTP client and register 
the request in a logfile of all web sites requested by a user, check the identity of a requesting client 
and of a requested URL against the friendly inbound, friendly outbound, unfriendly inbound or 
unfriendly outbound list maintained by the administrative module and then either approve the 
request, terminate the request or re-route the request without the knowledge of the user, 

a second proxy server without an administrative module or a friendly or unfriendly list 
placed between the first proxy server and the Internet located at a gateway of a Local Area 
Network system or at an Internet Service Provider, the second proxy server being capable of 
communicating to a proxy of a destination or directly to a destination, said second proxy server 
having an Internet Protocol address known only to a holder of the administrator account or a 
regular account with administrative privileges, 

the first proxy server and the second proxy server have a network communication link 
between them. 

2. The system of claim 1, wherein the second proxy server is a first proxy server but has 
an empty unfriendly outbound list. 

3. The system of claim 1, wherein a third proxy server and/or additional proxy servers 
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forward inbound requests for resources to other proxy servers. 



4. The system of claim 1, wherein the system is compatible with both dialup modem 
connection to the Internet and with network line connection. 

ZA versatile customizable combination system for providing filtering of outbound 
for access to web sites on the Internet and for controlling inbound requests from the 
Internet for access to a web site of the system, comprising: 

a plurality of computer users each having a dynamically allocated Internet protocol 
address or a static Internet Protocol address, 
one or a plurality of user computers, 

an administrative module/interface that includes configuration settings for inbound 
communications and for outbound communications, has list maintenance functions including list 
editing, list deleting, searching of lists, saving of lists, proxy chaining routing, adding and deleting 
users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of access 
levels and being capable of creating three types of user accounts that have unique user names and 
passwords for each user account including an administrator account that is self-configuring, 
regular accounts with administrative privileges other than the privilege to create additional 
accounts or view information on any other accounts and regular accounts without administrative 
privileges and in addition a fourth type of user account namely one anonymous guest user account 
to be used by general users who have no system-based user name or password, 
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• 

a first proxy server in each user computer of a local area network with access to the world 
wide web, each of said fist proxy server having a friendly outbound list and an unfriendly 
outbound list only one of which is active at any given time, and having a friendly inbound list and 
an unfriendly inbound list only one of which is active at any given time, the friendly outbound list, 
the unfriendly outbound list, the friendly inbound list and the unfriendly inbound lists being 
uniquely configurable by each user, 

said first proxy server programmed to receive a request from an HTTP client and register 
the request in a logfile of all web sites requested by a user, check the identity of a requesting client 
and of a requested URL against the friendly inbound, friendly outbound, unfriendly inbound or 

?=* 

J} unfriendly outbound list maintained by the administrative module and then either approve the 

y = 

gl request, terminate the request or re-route the request without the knowledge of the user, 
® a second proxy server without an administrative module and without a friendly or 

y 5 unfriendly list placed between the first proxy server and the Internet located at a gateway of a 

O 

Local Area Network system or at an Internet Service Provider, the second proxy server being 

4: capable of communicating to a proxy of a destination or directly to a destination, said second 

□ 

□ proxy server having an Internet Protocol address known only to a holder of the administrator 
account or a regular account with administrative privileges, 

the first proxy server and the second proxy server have a communication link between 

them, 

and wherein inbound communications are arranged so that an actual location of a highly 
sensitive resource is located in an unpublished location that is a replacement location to which 
requests rejected by the first proxy server are rerouted, wherein approved users are listed in the 
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first proxy server in the unfriendly inbound list and are sent by the first proxy server to the 
replacement location, and wherein unapproved users are not listed in the unfriendly inbound list 
and have their request sent to a published address that contains harmless information. 

6. The system of claim 5, wherein the second proxy server is a first proxy server but has 
an empty unfriendly outbound list. 



requests for access to web sites on the Internet and for controlling inbound requests from the 
Internet for access to a web site of the system, comprising; 

a plurality of computer users each having a dynamically allocated Internet protocol 
address or a static Internet Protocol address, 

one or a plurality of user computers, 

an administrative module/interface that includes configuration settings for inbound 
communications and for outbound communications, has list maintenance functions including list 
editing, list deleting, searching of lists, saving of lists, proxy chaining routing, adding and deleting 
users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of access 
levels and being capable of creating three types of user accounts that have unique user names and 
passwords for each user account including an administrator account that is self-configuring, 
regular accounts with administrative privileges other than the privilege to create additional 
accounts or view information on any other accounts and regular accounts without administrative 
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privileges and in addition a fourth type of user account namely one anonymous guest user account 
to be used by general users who have no system-based user name or password, 

a first proxy server in each user computer of a local area network with access to the world 
wide web, each of said first proxy server having a friendly outbound list and an unfriendly 
outbound list only one of which is active at any given time, and having a friendly inbound list and 
an unfriendly inbound list only one of which is active at any given time, the friendly outbound list, 
the unfriendly outbound list, the friendly inbound list and the unfriendly inbound .lists being 
uniquely configurable by each user, 

said first proxy server programmed to receive a request from an HTTP client and register 
the request in a logfile of all web sites requested by a user, check the identity of a requesting client 
and of a requested URL against the friendly inbound, friendly outbound, unfriendly inbound or 
unfriendly outbound list maintained by the administrative module and then either approve the 
request, terminate the request or re-route the request without the knowledge of the user, 

and wherein inbound communications are arranged so that an actual location of a highly 
sensitive resource is located in an unpublished location that is a replacement location to which 
requests rejected by the first proxy server are rerouted, wherein approved users are listed in the 
first proxy server as unfriendly and are sent by the proxy server to the replacement location, 
wherein unapproved users are not listed in the unfriendly inbound list and have their request sent 
to a published address that contains harmless information. 

8. The system of claim 7, wherein the range of access levels ranges from maximum 100% 
access to full suspension. 
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